Skip to main content

Posts

Showing posts from July, 2005

Setting up transparent proxy server

Hi all,

Today, while setting up ip for my internal network, i found out that i have run out of IPs and the internet access was very slow. I ran into a situation called "bottleneck". A situation where a road becomes narrow with heavy traffic. How to speed up this? The answer is proxy server.

On with the theory
Proxy server is a server that can cache visited web pages. Dynamic web pages are not cached. When a client access a website, the proxy server , on behalf of the client access the website and cache it. the next the client or other client wants to connect to the site, the proxy server just give the cached site to the client. Thus reducing the response time from the actual site.

Transparent proxy
In a normal proxy case, you have to set manually for each client to connect to outside. It is not a practical solution if you have a lot of workstations + many apps to connect to the internet. What is more practical solution? The answer is "transparent proxy" and now iptables…

Setting up virus scanner for mail server

This task is quite simple and the tools are readily available on the internet. In the spirit of Open Source, may of the tools are made free and come with source code. Binary version for may distros are available too. It's only a matter of choice and how we're going to set things up.

Antivirus
Clam antivirus is one of the best antiviri around. So far she can detect almost 97% of Windows viri and worms. Those viri are always reached our computers over network and internet. The main medium is email. I personally got in average 5 to 10 emails containing virus. That's why, antivirus is really important these days.

Trashscan
This is a script invoked by procmail to scan and send a notice to the sender if the mail contains virus. trasscan comes with clamav package.

Setting up procmailrc for scanning

#
# procmail configuration for TrashScan:
# ZapCoded by Trashware; 13.10.2002
#

# [ ... ]

# ----------------------------------------------------------------------------- #
# Virus scan section ...…

Setting up Spam Detection System for mail server

For over a month, I did a research on how to install, configure and test spam detection system on mail server which i manage. Here's the quick step :

1. Install spamassassin from spamassassin.org. I use spamc and spamd and not the perl version. Advantage: faster for bz server.

2. Make this setting in /etc/mail/spamassassin/local.conf



# SpamAssassin user preferences file.
# See 'man Mail::SpamAssassin::Conf' for
# details of what can be tweaked.

# score needed to deem an email to be spam.
# the lower the score, the more likely the email
# will be classified as spam. default is 5, but
# I have found that 4 works a little bit better
required_hits 4

# if you find an email from an address classified
# as spam that should
# *never* be classified as spam, add it to the whitelist
whitelist_from *@mp3.com

# if you receive an email from an address that will
# always be spam, add it to the blacklist (comma separated)
blacklist_from big@boss.com

# Whitelist and blacklist addresses are now
# file-glob-…

Internet is ready

yesterday i managed to move the servers from old building to the new building. here are the pics just taken before I wrote this blog.

Technician Room


Computers are ready to be serviced!

No network huh?

Since 2 weeks ago, the new building was waiting for me to put all my stuff there but I just couldn't. Why? because the internet is not there yet. How can I work without it? My work needs an internet connection. So what should I do? Not moving!. and it is worth cause the UITM registration tomorrow needs internet connection to register the new students online. If I did move, I have to carry all the servers and routers and swtches to the old building. Actually I was waiting for TMNet personal to call me about the line at the new building yesterday but no one call.

Now I'm at office chatting and sms'ing my friend. One is my ex-student and the other one is my chatting friend. Network at the new building is still not complete yet. Lab 1 and 2 will be completed in a day or 2. I can't wait to keep my hands dirty configuring and troubleshhoting the new network. I noticed yesterday that the new switches were all 3com.